§ Tag
ISO
ISO 27001 and the broader 27000 family — what the standard actually requires and how certification runs.
ISO 27001 requirements: clauses 4–10 and Annex A
ISO 27001 requirements explained clause by clause. What auditors expect for the ISMS, risk treatment, internal audit, management review, and Annex A evidence.
Dev Agarwal7 min readRead
What is ISO 27001? A plain-English primer
What is ISO 27001, what an ISMS actually is, and why the Statement of Applicability matters. A CPA firm's jargon-free primer for US SaaS founders.
Dev Agarwal6 min readRead
ISO 27001 certification: how it actually works
A SaaS founder's guide to ISO 27001 certification: who issues it, stage 1 vs stage 2, the three-year cycle, timelines, and how it compares to SOC 2.
Dev Agarwal8 min readRead